Catalyst RCM Data Breach Investigation

Chimicles Schwartz Kriner & Donaldson-Smith is investigating a potential class action claim against Catalyst RCM, a medical billing and coding firm, following a data security incident that compromised the sensitive personal and health information of patients.

The breach affects individuals who received diagnostic testing services from laboratories that partner with Catalyst RCM, including Vikor Scientific (now Vanta Diagnostics), KorPath, and Korgene.

What Happened at Catalyst RCM?

On November 13, 2025, Catalyst RCM discovered suspicious activity within its secure file management system. An internal investigation revealed that an unauthorized user utilized valid login credentials to access a server between November 8 and November 9, 2025.

The Everest ransomware group claimed responsibility for the attack. The group reported stealing approximately 9.39 GB of data, consisting of over 34,000 files, and stated they had published the data on the dark web after the company failed to meet ransom demands. The incident has been reported to the Attorneys General of California and Vermont.

Catalyst RCM is currently notifying affected individuals and offering complimentary identity protection services through IDX, which reportedly includes credit monitoring, a $1,000,000 insurance reimbursement policy, and fully managed identity theft recovery services.

What Information Was Compromised?

The compromised files largely consist of Explanation of Benefits (EOB) letters and internal records. The exposed data may include:

Patient Names and Contact Information

Dates of Birth

Social Security Numbers

Health Insurance Information

Medical Treatment & Diagnosis Information

Medication Information

Provider Names & Dates of Service

Internal Patient Identification Numbers

Why Is This Important?

The exposure of medical and billing information places affected individuals at a significantly increased risk of medical identity theft, insurance fraud, and other financial crimes. Unlike a credit card number which can be easily changed, medical history and sensitive health data are permanent, meaning the risk to victims can persist for years.

What Should You Do?

If you received a notification from Catalyst RCM or one of the associated labs (Vikor Scientific/Vanta Diagnostics, KorPath, or Korgene) about this data breach, please contact one of our data breach attorneys by filling out the form below to learn more about your legal rights and potential claims.

Catalyst RCM Data Breach (#882)

This is a questionnaire created by the law firm of Chimicles Schwartz Kriner & Donaldson-Smith LLP (CSK&D) to investigate potential claims related to this data breach. Your answers will be screened, and you may be contacted if your responses match certain criteria.

When you submit this form, it will not automatically collect your details like name and email address unless you provide it yourself.

First Name

Last Name

Address

Address Line 1

City

State

Zip Code

Phone

Did you receive a data breach notification letter concerning the Catalyst RCM data breach?

Have you gotten an increase in spam or junk calls, texts, and emails recently?

Have you experienced any fraud as a result?

If so, please provide more details:

Please provide any additional details about your experience:

(*) Indicates required field: When communicating with us through this site or otherwise in connection with a matter for which we do not already represent you, your communication may not be treated as privileged or confidential, and does not create an attorney-client relationship between you and our Firm.

Catalyst RCM Data Breach Investigation

Haverford Office

Delaware Office

Awards

Site Map